Getting "Bad subkey: openpgp: invalid data: Subkey wasn't signed; expected a 'binding' signature"

[robison]

Seeing this issue when people attempt to ID me (or I attempt to ID myself) using keybase id robison.

My use case is a single PGP master key (0x22B7F4876EF152B2) generated on an offline Yubikey, which in turn generated subkeys for s/e/a on each of two daily-use Yubikeys:

yk0 (master): sign/cert: 0x22B7F4876EF152B2

yk1: sign: 0x7E7B2933C1F568A6 encr: 0x4A8C71D6A219D4F7 auth: 0xD95640C7DCD5B8E6

yk2: sign: 0xBAE1377A3B4F5C60 encr: 0xBE569D18BC2C10F6 auth: 0x3FA14AC48C948EDD

...with the intentions:

• either of the pubkey sets could be used to reach me
• either of the pubkey sets could be used for gpg/ssh-agent (with both pubkeys being added to authorized_keys, obviously)
• the offline master can be used to revoke subkeys in the event of loss

I imagine it has to do with having two subkeys for each of signing/encryption/authentication, and PGP thinking that one of each key type is the older (the ones on yk1), and thus possibly stale. I may be trying to be too clever by half; would appreciate any feedback if I'm doing something that Keybase doesn't explicitly support.

my log id: f262d399c17efda75328951c

[robison]

Hi, any updates on this? I'm starting to think it's merely cosmetic, but would love to help in any way I can. Thanks!

[ianGre]

I have the exact same warning message! Additionally, when I try to sign my keybase message it does not come out as a "signature", but as a "message" (in gobbledegook). I'm using keybase pgp sign -m "I am and so on". As I do not get the output (required by OpenBazaar) I'm contemplating not using my old PGP key (from the 20th century), but letting Keybase create a new one.

[ianGre]

Well, that's weird! I created a completely fresh PGP key. Deleted the 19 year old key from Keybase. Added the new one, no problem. Ran this: keybase pgp sign -m "I am Qmb5RFhJvR25P1t4h1SgEZnXsoy4Kvc6FYis8Y9bYzEUWJ" and still it gave the dual warnings: ▶ WARNING Bad subkey: openpgp: invalid data: Subkey wasn't signed; expected a 'binding' signature ▶ WARNING Bad subkey: openpgp: invalid data: Subkey wasn't signed; expected a 'binding' signature and it gave the output as: -----BEGIN PGP MESSAGE----- Comment: https://keybase.io/download Version: Keybase Go 2.5.0 (darwin)

xA0DAAoB2qSH/9hjXZ0By+F0AOIAAAAA5UkgYW0gUW1iNVJGaEp2UjI1UDF0NGgx U2dFWm5Yc2955DRLdmM2RllpczhZOWJZekXhVVfgSgDCwVwEAAEKABAFAlt6Vi8J ENqkh//YY12dAAAzqRAAaMfuO/jaDR2cfKAyRM5bEov9owtZ0HhJtjQVa9Ma8PVI nkeTeD1UfOmxTmVD/7rEnwtFWpJUTEMamoDh6LYtuQ/HBaD7luSJ9uhbzT4j5qIX hjdHoyrEu4b+NEv7T+f7A00G0owFpaydr/xgXY4ZelZOyRBhxcRoR2aTksC7fxYd MBXCTpw4anMKQ+J+Q8dn3dF/oCbdREVPlxOWmpJGzUCueTSx6Q8ARlreQWfDkzUN 3dwUExHHfxzgeQBKUW4Xh80qkFPWh5s6ozXKLuVCf5lx9v8/ucwUSPNhjQUOz8lY ZeQ3m4KtcjpQwgV/OKBXgKUPRXvBNpwBhcLTmMhk55eE6HomLsb5IIA2ABYpAxSs WPP3YxMeGBtPsT5WCxTb3C+q+RIjxXO09rKT8lJ/f33XqvGeBgQhtzwj/VGPivhE EsZRnm5HzxS4eYR+wL3qxtL/9oyJZ069+PGmzwZ5k+39/40ljor+CZvSUuVmtuTT NhyhoP/l4dIiu0VrtXP6RRjPQS1XZR8um+quN4fDpgZzsXI3v4tNPAo24mY6KVqH cuHdhXZu9qr6muzK7NXxImOVhnEX4VNzCC9v83XboxPAy9CuPxFsMvKl1BAeRyNX E8m2Q8YQ5B/VByfPgmovu83+y9U42DLmj3AJU6fq29q8DHtV1v/g1OA2B4MUSBQ= =w6zp -----END PGP MESSAGE----- which is not what I expected, because it should have said that it was a PGP SIGNATURE, not a PGP MESSAGE. And it should have contained, according to the instructions I was following, the plain text message that it signed. Instead, when I DECRYPTED the output it said the signature was good and displayed the exact message that I signed.

[maxtaco]

the old key is still in your sigchain for alltime